Gitlab

---
services:
  gitlab:
    image: gitlab/gitlab-ce:17.9.0-ce.0
    container_name: gitlab
    shm_size: '256m'
    environment: {}
    # --> (Optional) When using traefik...
    networks:
      - traefik
    # <--
    volumes:
      - ./gitlab/config:/etc/gitlab
      - ./gitlab/logs:/var/log/gitlab
      - gitlab-data:/var/opt/gitlab
    ports:
      # --> (Optional) Remove when using traefik...
      #- "80:80"
      #- "443:443"
      - 32769:443
      # <--
      - '2424:22'
    # --> (Optional) When using traefik...
    labels:
       - traefik.enable=true
       - traefik.http.services.gitlab.loadbalancer.server.port=80
       - traefik.http.services.gitlab.loadbalancer.server.scheme=http
       - traefik.http.routers.gitlab.service=gitlab
       - traefik.http.routers.gitlab.rule=Host(`gitlab.domain.ltd`) || Host(`gitlab.gitlab.domain.ltd`)
       - traefik.http.routers.gitlab.entrypoints=websecure
       - traefik.http.routers.gitlab.tls=true
       - traefik.http.routers.gitlab.tls.certresolver=cloudflare
    # <--
    # --> (Optional) Enable Container Registry settings here...
       - traefik.http.services.registry.loadbalancer.server.port=5678
       - traefik.http.services.registry.loadbalancer.server.scheme=http
       - traefik.http.routers.registry.service=registry
       - traefik.http.routers.registry.rule=Host(`registry.gitlab.domain.ltd`)
       - traefik.http.routers.registry.entrypoints=websecure
       - traefik.http.routers.registry.tls=true
       - traefik.http.routers.registry.tls.certresolver=cloudflare
    # <--
    restart: unless-stopped
  # new changes for adding Gitlab Runner container

    
volumes:
  gitlab-data:
    driver: local
# --> (Optional) When using traefik...
networks:
  traefik:
    external: true
# <--

# Create config file in gitlab/config/config.rb
external_url 'https://gitlab.domain.ltd' # <-- Replace with your GitLab FQDN

# SSH port
gitlab_rails['gitlab_shell_ssh_port'] = 2424

# Letsencrypt
letsencrypt['enable'] = false

# Nginx
nginx['listen_port'] = 80
nginx['listen_https'] = false

# Enable Github
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['github']
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_providers'] = [
  {
    "name" => "github",
    "app_id" => "APP-IP",
    "app_secret" => "APP-SECRET",
    "args" => { "scope" => "user,repo,read:org" }
  }
]
# --> (Optional) Enable Container Registry settings here...
# registry_external_url 'https://your-registry-fqdn'  # <-- Replace with your registry FQDN
# gitlab_rails['registry_enabled']  = true
# registry_nginx['listen_https']    = false
# registry_nginx['listen_port']     = 5678  # <-- Replace with your registry port
# <--

# --> (Optional) Add Authentik settings here...
# gitlab_rails['omniauth_auto_link_user'] = ['openid_connect']
# gitlab_rails['omniauth_providers'] = [
#   {
#     name: "openid_connect",  #  !-- Do not change this parameter
#     label: "Authentik",  # <-- (Optional) Change name for login button, defaults to "Openid Connect"
#     icon: "https://avatars.githubusercontent.com/u/82976448?s=200&v=4",
#     args: {
#       name: "openid_connect",
#       scope: ["openid","profile","email"],
#       response_type: "code",
#       issuer: "https://your-authentik-fqdn/application/o/your-gitlab-slug/",  # <-- Replace with your Authentik FQDN and GitLab slug
#       discovery: true,
#       client_auth_method: "query",
#       uid_field: "email",
#       send_scope_to_token_endpoint: "false",
#       pkce: true,
#       client_options: {
#         identifier: "your-authentik-provider-client-id",  # <-- Replace with your Authentik provider client ID
#         secret: "your-authentik-provider-client-secret",  # <-- Replace with your Authentik provider client secret
#         redirect_uri: "https://your-authentik-fqdn/users/auth/openid_connect/callback"  # <-- Replace with your Authentik FQDN
#       }
#     }
#   }
# ]
# <--

# --> (Optional) Change SMTP settings here...
# gitlab_rails['smtp_enable']           = true
# gitlab_rails['smtp_address']          = "your-smtp-server-addr"  # <-- Replace with your SMTP server address
# gitlab_rails['smtp_port']             = 465
# gitlab_rails['smtp_user_name']        = "your-smtp-username"  # <-- Replace with your SMTP username
# gitlab_rails['smtp_password']         = "your-smtp-password"  # <-- Replace with your SMTP password
# gitlab_rails['smtp_domain']           = "your-smtp-domain"  # <-- Replace with your SMTP domain
# gitlab_rails['smtp_authentication']   = "login"
# gitlab_rails['smtp_ssl']              = true
# gitlab_rails['smtp_force_ssl']        = true
# gitlab_rails['gitlab_email_from']     = 'your-email-from-addr'  # <-- Replace with your email from address
# gitlab_rails['gitlab_email_reply_to'] = 'your-email-replyto-addr'  # <-- Replace with your email reply-to address
# <--

PrécédentWindows Server Cheat-Sheet Suivantgitlab-runner

Mis à jour il y a 7 mois